From 7f536ec86e17fe66f3c91a796006fe957ad8d31c Mon Sep 17 00:00:00 2001
From: Daniel Quackenbush <25692880+danquack@users.noreply.github.com>
Date: Mon, 20 Dec 2021 11:00:07 -0500
Subject: [PATCH 01/10] :sparkles: new data source
user_pool_signing_certificate
---
internal/provider/provider.go | 3 +-
.../test-fixtures/saml-metadata.xml | 15 +++++
.../user_pool_signing_cert_data_source.go | 40 +++++++++++++
.../user_pool_signing_cert_data_test.go | 57 +++++++++++++++++++
...ito_user_pool_signing_certificate.markdown | 28 +++++++++
5 files changed, 142 insertions(+), 1 deletion(-)
create mode 100644 internal/service/cognitoidp/test-fixtures/saml-metadata.xml
create mode 100644 internal/service/cognitoidp/user_pool_signing_cert_data_source.go
create mode 100644 internal/service/cognitoidp/user_pool_signing_cert_data_test.go
create mode 100644 website/docs/d/cognito_user_pool_signing_certificate.markdown
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 7240ab1490b..5424e998f00 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -396,7 +396,8 @@ func Provider() *schema.Provider {
"aws_codestarconnections_connection": codestarconnections.DataSourceConnection(),
- "aws_cognito_user_pools": cognitoidp.DataSourceUserPools(),
+ "aws_cognito_user_pools": cognitoidp.DataSourceUserPools(),
+ "aws_cognito_user_pool_signing_certificate": cognitoidp.DataSourceSigningCert(),
"aws_connect_contact_flow": connect.DataSourceContactFlow(),
"aws_connect_instance": connect.DataSourceInstance(),
diff --git a/internal/service/cognitoidp/test-fixtures/saml-metadata.xml b/internal/service/cognitoidp/test-fixtures/saml-metadata.xml
new file mode 100644
index 00000000000..fb42fca70f1
--- /dev/null
+++ b/internal/service/cognitoidp/test-fixtures/saml-metadata.xml
@@ -0,0 +1,15 @@
+
+
+
+
+
+
+ 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
+
+
+
+ urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+
+
+
+
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_source.go b/internal/service/cognitoidp/user_pool_signing_cert_data_source.go
new file mode 100644
index 00000000000..ab1f21e47d3
--- /dev/null
+++ b/internal/service/cognitoidp/user_pool_signing_cert_data_source.go
@@ -0,0 +1,40 @@
+package cognitoidp
+
+import (
+ "fmt"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/hashicorp/terraform-provider-aws/internal/conns"
+)
+
+func DataSourceSigningCert() *schema.Resource {
+ return &schema.Resource{
+ Read: dataSourceUserPoolSigningCertRead,
+ Schema: map[string]*schema.Schema{
+ "user_pool_id": {
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "certificate": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ },
+ }
+}
+
+func dataSourceUserPoolSigningCertRead(d *schema.ResourceData, meta interface{}) error {
+ id := d.Get("user_pool_id").(string)
+ conn := meta.(*conns.AWSClient).CognitoIDPConn
+ result, err := conn.GetSigningCertificate(&cognitoidentityprovider.GetSigningCertificateInput{
+ UserPoolId: aws.String(id),
+ })
+ if err != nil {
+ return fmt.Errorf("Error getting signing cert from user pool: %w", err)
+ }
+ d.SetId(id)
+ d.Set("certificate", *result.Certificate)
+ return nil
+}
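Review bot: The `GetSigningCertificate` response is used unchecked in `dataSourceUserPoolSigningCertRead`: `*result.Certificate` panics if the field is nil, and nothing rejects an empty value. The attribute is presumably handed to an external SAML IdP as the certificate it trusts for this user pool, so the read should fail loudly rather than propagate a blank, e.g. `if result == nil || aws.StringValue(result.Certificate) == "" { return fmt.Errorf("signing certificate for user pool %s is empty", id) }` placed before `d.SetId(id)`. The later hunks in this series that pass `result.Certificate` and then `output.Certificate` as a pointer remove the panic but still store an empty value silently, so the same guard is needed there.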
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
new file mode 100644
index 00000000000..7096a39014c
--- /dev/null
+++ b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
@@ -0,0 +1,57 @@
+package cognitoidp_test
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
+ sdkacctest "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+ "github.com/hashicorp/terraform-provider-aws/internal/acctest"
+)
+
+func TestAccCognitoIDPUserPoolSigningCertDataSource_basic(t *testing.T) {
+ resourceName := fmt.Sprintf("tf_acc_ds_cognito_user_pools_%s", sdkacctest.RandString(7))
+ resource.ParallelTest(t, resource.TestCase{
+ PreCheck: func() { acctest.PreCheck(t); testAccPreCheckIdentityProvider(t) },
+ ErrorCheck: acctest.ErrorCheck(t, cognitoidentityprovider.EndpointsID),
+ Providers: acctest.Providers,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccUserPoolSigningCertDataSourceConfig_basic(resourceName),
+ Check: resource.ComposeAggregateTestCheckFunc(
+ resource.TestCheckResourceAttrSet("data.aws_cognito_user_pool_signing_certificate.saml", "certificate"),
+ ),
+ },
+ },
+ })
+}
+
+func testAccUserPoolSigningCertDataSourceConfig_basic(rName string) string {
+ return fmt.Sprintf(`
+resource "aws_cognito_user_pool" "saml" {
+ name = "%s"
+ auto_verified_attributes = ["email"]
+}
+resource "aws_cognito_identity_provider" "saml" {
+ user_pool_id = aws_cognito_user_pool.saml.id
+ provider_name = "SAML"
+ provider_type = "SAML"
+
+ provider_details = {
+ MetadataFile = file("./test-fixtures/saml-metadata.xml")
+ // if we don't specify below, terraform always thinks this resource has
+ // changed: https://github.com/terraform-providers/terraform-provider-aws/issues/4831
+ SSORedirectBindingURI = "https://terraform-dev-ed.my.salesforce.com/idp/endpoint/HttpRedirect"
+ }
+
+ attribute_mapping = {
+ email = "email"
+ }
+}
+
+data "aws_cognito_user_pool_signing_certificate" "saml" {
+ user_pool_id = aws_cognito_user_pool.saml.id
+}
+`, rName)
+}
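Review bot: The only assertion in `TestAccCognitoIDPUserPoolSigningCertDataSource_basic` is `resource.TestCheckResourceAttrSet(..., "certificate")`, which passes for any non-empty string. Because the attribute is meant to carry a certificate, a content check would catch a regression that returns the wrong field or a truncated value, for instance `resource.TestMatchResourceAttr("data.aws_cognito_user_pool_signing_certificate.saml", "certificate", re)` with `re` matching the encoding the API is expected to return. The renamed test later in this series keeps the same single check, so the point applies there as well.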
diff --git a/website/docs/d/cognito_user_pool_signing_certificate.markdown b/website/docs/d/cognito_user_pool_signing_certificate.markdown
new file mode 100644
index 00000000000..40e23470311
--- /dev/null
+++ b/website/docs/d/cognito_user_pool_signing_certificate.markdown
@@ -0,0 +1,28 @@
+---
+subcategory: "Cognito"
+layout: "aws"
+page_title: "AWS: aws_cognito_user_pool_signing_certificate"
+description: |-
+ Get signing certificate of user pool
+---
+
+# Data Source: aws_cognito_user_pool_signing_certificate
+
+Use this data source to get the signing certificate to the external SAML IdP.
+
+## Example Usage
+
+```terraform
+data "aws_cognito_user_pool_signing_certificate" "sc" {
+ user_pool_id = aws_cognito_user_pool.my_pool.id
+}
+```
+
+## Argument Reference
+
+* `user_pool_id` - (required) The Cognito user pool ids.
+
+
+## Attributes Reference
+
+* `certificate` - the certificate string
From eb593dba418c9d27d15f9c584c0dbde3822d19ea Mon Sep 17 00:00:00 2001
From: Daniel Quackenbush <25692880+danquack@users.noreply.github.com>
Date: Mon, 20 Dec 2021 11:07:00 -0500
Subject: [PATCH 02/10] changelog
---
.changelog/22285.txt | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 .changelog/22285.txt
diff --git a/.changelog/22285.txt b/.changelog/22285.txt
new file mode 100644
index 00000000000..00834e92506
--- /dev/null
+++ b/.changelog/22285.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+data-source/aws_cognito_user_pool_signing_certificate: Add new data source for looking of signing certificate.
+```
\ No newline at end of file
From cd28514bced006b9c5f5d3863c474f61104f2237 Mon Sep 17 00:00:00 2001
From: Daniel Quackenbush <25692880+danquack@users.noreply.github.com>
Date: Mon, 20 Dec 2021 11:30:41 -0500
Subject: [PATCH 03/10] provider linting
---
.../user_pool_signing_cert_data_source.go | 2 +-
.../user_pool_signing_cert_data_test.go | 31 ++++++++++---------
2 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_source.go b/internal/service/cognitoidp/user_pool_signing_cert_data_source.go
index ab1f21e47d3..688134c02d6 100644
--- a/internal/service/cognitoidp/user_pool_signing_cert_data_source.go
+++ b/internal/service/cognitoidp/user_pool_signing_cert_data_source.go
@@ -35,6 +35,6 @@ func dataSourceUserPoolSigningCertRead(d *schema.ResourceData, meta interface{})
return fmt.Errorf("Error getting signing cert from user pool: %w", err)
}
d.SetId(id)
- d.Set("certificate", *result.Certificate)
+ d.Set("certificate", result.Certificate)
return nil
}
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
index 7096a39014c..df2a1458e43 100644
--- a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
+++ b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
@@ -11,15 +11,18 @@ import (
)
func TestAccCognitoIDPUserPoolSigningCertDataSource_basic(t *testing.T) {
- resourceName := fmt.Sprintf("tf_acc_ds_cognito_user_pools_%s", sdkacctest.RandString(7))
+ testName := fmt.Sprintf("tf_acc_ds_cognito_user_pools_%s", sdkacctest.RandString(7))
+ resourceName := "aws_cognito_user_pool.saml"
resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acctest.PreCheck(t); testAccPreCheckIdentityProvider(t) },
- ErrorCheck: acctest.ErrorCheck(t, cognitoidentityprovider.EndpointsID),
- Providers: acctest.Providers,
+ PreCheck: func() { acctest.PreCheck(t); testAccPreCheckIdentityProvider(t) },
+ ErrorCheck: acctest.ErrorCheck(t, cognitoidentityprovider.EndpointsID),
+ Providers: acctest.Providers,
+ CheckDestroy: testAccCheckUserPoolDestroy,
Steps: []resource.TestStep{
{
- Config: testAccUserPoolSigningCertDataSourceConfig_basic(resourceName),
+ Config: testAccUserPoolSigningCertDataSourceConfig_basic(testName),
Check: resource.ComposeAggregateTestCheckFunc(
+ testAccCheckUserPoolExists(resourceName, nil),
resource.TestCheckResourceAttrSet("data.aws_cognito_user_pool_signing_certificate.saml", "certificate"),
),
},
@@ -37,21 +40,21 @@ resource "aws_cognito_identity_provider" "saml" {
user_pool_id = aws_cognito_user_pool.saml.id
provider_name = "SAML"
provider_type = "SAML"
-
+
provider_details = {
- MetadataFile = file("./test-fixtures/saml-metadata.xml")
- // if we don't specify below, terraform always thinks this resource has
- // changed: https://github.com/terraform-providers/terraform-provider-aws/issues/4831
- SSORedirectBindingURI = "https://terraform-dev-ed.my.salesforce.com/idp/endpoint/HttpRedirect"
+ MetadataFile = file("./test-fixtures/saml-metadata.xml")
+ // if we don't specify below, terraform always thinks this resource has
+ // changed: https://github.com/terraform-providers/terraform-provider-aws/issues/4831
+ SSORedirectBindingURI = "https://terraform-dev-ed.my.salesforce.com/idp/endpoint/HttpRedirect"
}
-
+
attribute_mapping = {
- email = "email"
+ email = "email"
}
}
-
+
data "aws_cognito_user_pool_signing_certificate" "saml" {
- user_pool_id = aws_cognito_user_pool.saml.id
+ user_pool_id = aws_cognito_user_pool.saml.id
}
`, rName)
}
From 5d982187d78fdee5baee2e72262b48b37b392b61 Mon Sep 17 00:00:00 2001
From: Daniel Quackenbush <25692880+danquack@users.noreply.github.com>
Date: Mon, 20 Dec 2021 11:35:04 -0500
Subject: [PATCH 04/10] docs formating
---
website/docs/d/cognito_user_pool_signing_certificate.markdown | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/website/docs/d/cognito_user_pool_signing_certificate.markdown b/website/docs/d/cognito_user_pool_signing_certificate.markdown
index 40e23470311..69545097795 100644
--- a/website/docs/d/cognito_user_pool_signing_certificate.markdown
+++ b/website/docs/d/cognito_user_pool_signing_certificate.markdown
@@ -14,7 +14,7 @@ Use this data source to get the signing certificate to the external SAML IdP.
```terraform
data "aws_cognito_user_pool_signing_certificate" "sc" {
- user_pool_id = aws_cognito_user_pool.my_pool.id
+ user_pool_id = aws_cognito_user_pool.my_pool.id
}
```
From a9deb1f1fa025bbadd49aedc8221e4557c830711 Mon Sep 17 00:00:00 2001
From: Daniel Quackenbush <25692880+danquack@users.noreply.github.com>
Date: Mon, 20 Dec 2021 11:45:35 -0500
Subject: [PATCH 05/10] terrafmt fix
---
.../user_pool_signing_cert_data_test.go | 36 +++++++++----------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
index df2a1458e43..d57c0172eb3 100644
--- a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
+++ b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
@@ -33,28 +33,28 @@ func TestAccCognitoIDPUserPoolSigningCertDataSource_basic(t *testing.T) {
func testAccUserPoolSigningCertDataSourceConfig_basic(rName string) string {
return fmt.Sprintf(`
resource "aws_cognito_user_pool" "saml" {
- name = "%s"
- auto_verified_attributes = ["email"]
+ name = "%s"
+ auto_verified_attributes = ["email"]
}
resource "aws_cognito_identity_provider" "saml" {
- user_pool_id = aws_cognito_user_pool.saml.id
- provider_name = "SAML"
- provider_type = "SAML"
-
- provider_details = {
- MetadataFile = file("./test-fixtures/saml-metadata.xml")
- // if we don't specify below, terraform always thinks this resource has
- // changed: https://github.com/terraform-providers/terraform-provider-aws/issues/4831
- SSORedirectBindingURI = "https://terraform-dev-ed.my.salesforce.com/idp/endpoint/HttpRedirect"
- }
-
- attribute_mapping = {
- email = "email"
- }
+ user_pool_id = aws_cognito_user_pool.saml.id
+ provider_name = "SAML"
+ provider_type = "SAML"
+
+ provider_details = {
+ MetadataFile = file("./test-fixtures/saml-metadata.xml")
+ // if we don't specify below, terraform always thinks this resource has
+ // changed: https://github.com/terraform-providers/terraform-provider-aws/issues/4831
+ SSORedirectBindingURI = "https://terraform-dev-ed.my.salesforce.com/idp/endpoint/HttpRedirect"
+ }
+
+ attribute_mapping = {
+ email = "email"
+ }
}
-
+
data "aws_cognito_user_pool_signing_certificate" "saml" {
- user_pool_id = aws_cognito_user_pool.saml.id
+ user_pool_id = aws_cognito_user_pool.saml.id
}
`, rName)
}
From c7e31f2a6a9ef20e419e3dfdad2bc3d7e47873c8 Mon Sep 17 00:00:00 2001
From: Daniel Quackenbush <25692880+danquack@users.noreply.github.com>
Date: Mon, 20 Dec 2021 12:23:53 -0500
Subject: [PATCH 06/10] remove unneeded comment
---
.../service/cognitoidp/user_pool_signing_cert_data_test.go | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
index d57c0172eb3..dd4c58f9227 100644
--- a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
+++ b/internal/service/cognitoidp/user_pool_signing_cert_data_test.go
@@ -42,9 +42,7 @@ resource "aws_cognito_identity_provider" "saml" {
provider_type = "SAML"
provider_details = {
- MetadataFile = file("./test-fixtures/saml-metadata.xml")
- // if we don't specify below, terraform always thinks this resource has
- // changed: https://github.com/terraform-providers/terraform-provider-aws/issues/4831
+ MetadataFile = file("./test-fixtures/saml-metadata.xml")
SSORedirectBindingURI = "https://terraform-dev-ed.my.salesforce.com/idp/endpoint/HttpRedirect"
}
From e308f06fd7b11e04b763503b0e1a3983ab269dfa Mon Sep 17 00:00:00 2001
From: Kit Ewbank
Date: Tue, 21 Dec 2021 08:23:30 -0500
Subject: [PATCH 07/10] Correct CHANGELOG entry.
---
.changelog/22285.txt | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.changelog/22285.txt b/.changelog/22285.txt
index 00834e92506..24fecbc6102 100644
--- a/.changelog/22285.txt
+++ b/.changelog/22285.txt
@@ -1,3 +1,3 @@
-```release-note:enhancement
-data-source/aws_cognito_user_pool_signing_certificate: Add new data source for looking of signing certificate.
+```release-note:new-data-source
+aws_cognito_user_pool_signing_certificate
```
\ No newline at end of file
From dccc7f20c7ee49317e86e1924df4a785df1b0b51 Mon Sep 17 00:00:00 2001
From: Kit Ewbank
Date: Tue, 21 Dec 2021 08:27:24 -0500
Subject: [PATCH 08/10] d/aws_user_pool_signing_certificate: Rename source
files.
---
...ata_source.go => user_pool_signing_certificate_data_source.go} | 0
..._test.go => user_pool_signing_certificate_data_source_test.go} | 0
2 files changed, 0 insertions(+), 0 deletions(-)
rename internal/service/cognitoidp/{user_pool_signing_cert_data_source.go => user_pool_signing_certificate_data_source.go} (100%)
rename internal/service/cognitoidp/{user_pool_signing_cert_data_test.go => user_pool_signing_certificate_data_source_test.go} (100%)
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_source.go b/internal/service/cognitoidp/user_pool_signing_certificate_data_source.go
similarity index 100%
rename from internal/service/cognitoidp/user_pool_signing_cert_data_source.go
rename to internal/service/cognitoidp/user_pool_signing_certificate_data_source.go
diff --git a/internal/service/cognitoidp/user_pool_signing_cert_data_test.go b/internal/service/cognitoidp/user_pool_signing_certificate_data_source_test.go
similarity index 100%
rename from internal/service/cognitoidp/user_pool_signing_cert_data_test.go
rename to internal/service/cognitoidp/user_pool_signing_certificate_data_source_test.go
From 5c0bd66da1616c86a964048d784d836d1993d2ca Mon Sep 17 00:00:00 2001
From: Kit Ewbank
Date: Tue, 21 Dec 2021 08:35:58 -0500
Subject: [PATCH 09/10] d/aws_user_pool_signing_certificate: Rename functions
to match data source name.
---
internal/provider/provider.go | 2 +-
...er_pool_signing_certificate_data_source.go | 35 +++++++++++--------
...ol_signing_certificate_data_source_test.go | 34 +++++++++---------
3 files changed, 39 insertions(+), 32 deletions(-)
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 5424e998f00..457ab6e0e29 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -397,7 +397,7 @@ func Provider() *schema.Provider {
"aws_codestarconnections_connection": codestarconnections.DataSourceConnection(),
"aws_cognito_user_pools": cognitoidp.DataSourceUserPools(),
- "aws_cognito_user_pool_signing_certificate": cognitoidp.DataSourceSigningCert(),
+ "aws_cognito_user_pool_signing_certificate": cognitoidp.DataSourceUserPoolSigningCertificate(),
"aws_connect_contact_flow": connect.DataSourceContactFlow(),
"aws_connect_instance": connect.DataSourceInstance(),
diff --git a/internal/service/cognitoidp/user_pool_signing_certificate_data_source.go b/internal/service/cognitoidp/user_pool_signing_certificate_data_source.go
index 688134c02d6..dd583df037b 100644
--- a/internal/service/cognitoidp/user_pool_signing_certificate_data_source.go
+++ b/internal/service/cognitoidp/user_pool_signing_certificate_data_source.go
@@ -9,32 +9,39 @@ import (
"github.com/hashicorp/terraform-provider-aws/internal/conns"
)
-func DataSourceSigningCert() *schema.Resource {
+func DataSourceUserPoolSigningCertificate() *schema.Resource {
return &schema.Resource{
- Read: dataSourceUserPoolSigningCertRead,
+ Read: dataSourceUserPoolSigningCertificateRead,
+
Schema: map[string]*schema.Schema{
- "user_pool_id": {
- Type: schema.TypeString,
- Required: true,
- },
"certificate": {
Type: schema.TypeString,
Computed: true,
},
+ "user_pool_id": {
+ Type: schema.TypeString,
+ Required: true,
+ },
},
}
}
-func dataSourceUserPoolSigningCertRead(d *schema.ResourceData, meta interface{}) error {
- id := d.Get("user_pool_id").(string)
+func dataSourceUserPoolSigningCertificateRead(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*conns.AWSClient).CognitoIDPConn
- result, err := conn.GetSigningCertificate(&cognitoidentityprovider.GetSigningCertificateInput{
- UserPoolId: aws.String(id),
- })
+
+ userPoolID := d.Get("user_pool_id").(string)
+ input := &cognitoidentityprovider.GetSigningCertificateInput{
+ UserPoolId: aws.String(userPoolID),
+ }
+
+ output, err := conn.GetSigningCertificate(input)
+
if err != nil {
- return fmt.Errorf("Error getting signing cert from user pool: %w", err)
+ return fmt.Errorf("error reading Cognito User Pool (%s) Signing Certificate: %w", userPoolID, err)
}
- d.SetId(id)
- d.Set("certificate", result.Certificate)
+
+ d.SetId(userPoolID)
+ d.Set("certificate", output.Certificate)
+
return nil
}
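Review bot: `DataSourceUserPoolSigningCertificate` is exported without a doc comment, and nothing in the file says what the `certificate` attribute holds. Suggest adding `// DataSourceUserPoolSigningCertificate returns the aws_cognito_user_pool_signing_certificate data source, which reads a user pool's signing certificate via GetSigningCertificate.` above the function. A short comment on the `certificate` schema entry should state the encoding of the returned string once that is confirmed against the API. `user_pool_id` also has no `ValidateFunc`, so a malformed ID is only rejected by the API call itself.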
diff --git a/internal/service/cognitoidp/user_pool_signing_certificate_data_source_test.go b/internal/service/cognitoidp/user_pool_signing_certificate_data_source_test.go
index dd4c58f9227..8293dcf8af0 100644
--- a/internal/service/cognitoidp/user_pool_signing_certificate_data_source_test.go
+++ b/internal/service/cognitoidp/user_pool_signing_certificate_data_source_test.go
@@ -10,34 +10,34 @@ import (
"github.com/hashicorp/terraform-provider-aws/internal/acctest"
)
-func TestAccCognitoIDPUserPoolSigningCertDataSource_basic(t *testing.T) {
- testName := fmt.Sprintf("tf_acc_ds_cognito_user_pools_%s", sdkacctest.RandString(7))
- resourceName := "aws_cognito_user_pool.saml"
+func TestAccCognitoIDPUserPoolSigningCertificateDataSource_basic(t *testing.T) {
+ rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+ datasourceName := "data.aws_cognito_user_pool_signing_certificate.test"
+
resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acctest.PreCheck(t); testAccPreCheckIdentityProvider(t) },
- ErrorCheck: acctest.ErrorCheck(t, cognitoidentityprovider.EndpointsID),
- Providers: acctest.Providers,
- CheckDestroy: testAccCheckUserPoolDestroy,
+ PreCheck: func() { acctest.PreCheck(t); testAccPreCheckIdentityProvider(t) },
+ ErrorCheck: acctest.ErrorCheck(t, cognitoidentityprovider.EndpointsID),
+ Providers: acctest.Providers,
Steps: []resource.TestStep{
{
- Config: testAccUserPoolSigningCertDataSourceConfig_basic(testName),
+ Config: testAccUserPoolSigningCertificateDataSourceConfig_basic(rName),
Check: resource.ComposeAggregateTestCheckFunc(
- testAccCheckUserPoolExists(resourceName, nil),
- resource.TestCheckResourceAttrSet("data.aws_cognito_user_pool_signing_certificate.saml", "certificate"),
+ resource.TestCheckResourceAttrSet(datasourceName, "certificate"),
),
},
},
})
}
-func testAccUserPoolSigningCertDataSourceConfig_basic(rName string) string {
+func testAccUserPoolSigningCertificateDataSourceConfig_basic(rName string) string {
return fmt.Sprintf(`
-resource "aws_cognito_user_pool" "saml" {
- name = "%s"
+resource "aws_cognito_user_pool" "test" {
+ name = %[1]q
auto_verified_attributes = ["email"]
}
-resource "aws_cognito_identity_provider" "saml" {
- user_pool_id = aws_cognito_user_pool.saml.id
+
+resource "aws_cognito_identity_provider" "test" {
+ user_pool_id = aws_cognito_user_pool.test.id
provider_name = "SAML"
provider_type = "SAML"
@@ -51,8 +51,8 @@ resource "aws_cognito_identity_provider" "saml" {
}
}
-data "aws_cognito_user_pool_signing_certificate" "saml" {
- user_pool_id = aws_cognito_user_pool.saml.id
+data "aws_cognito_user_pool_signing_certificate" "test" {
+ user_pool_id = aws_cognito_user_pool.test.id
}
`, rName)
}
From 04f415fda0424d02821daa163ad8541578a5423f Mon Sep 17 00:00:00 2001
From: Kit Ewbank
Date: Tue, 21 Dec 2021 08:41:35 -0500
Subject: [PATCH 10/10] Tweak documentation.
---
.../docs/d/cognito_user_pool_signing_certificate.markdown | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/website/docs/d/cognito_user_pool_signing_certificate.markdown b/website/docs/d/cognito_user_pool_signing_certificate.markdown
index 69545097795..0623de0543a 100644
--- a/website/docs/d/cognito_user_pool_signing_certificate.markdown
+++ b/website/docs/d/cognito_user_pool_signing_certificate.markdown
@@ -8,7 +8,7 @@ description: |-
# Data Source: aws_cognito_user_pool_signing_certificate
-Use this data source to get the signing certificate to the external SAML IdP.
+Use this data source to get the signing certificate for a Cognito IdP user pool.
## Example Usage
@@ -20,9 +20,8 @@ data "aws_cognito_user_pool_signing_certificate" "sc" {
## Argument Reference
-* `user_pool_id` - (required) The Cognito user pool ids.
-
+* `user_pool_id` - (required) The Cognito user pool ID.
## Attributes Reference
-* `certificate` - the certificate string
+* `certificate` - The certificate string